Intrusion Prevention

MS.Windows.TCP.Timestamp.Code.Execution

Description

This indicates an attack attempt to exploit a remote Code Execution vulnerability in Microsoft Windows.
The vulnerability is due to an error when the vulnerable system attempts to handle malicious TCP packets. An attacker can exploit this by sending malicious packets to the victim system.

Affected Products

Microsoft Windows 2000 Service Pack 4
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 SP2
Windows Vista, Windows Vista Service Pack 1 and Windows Vista Service Pack 2
Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2
Windows Server 2008

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://technet.microsoft.com/security/bulletin/ms09-048

CVE References

CVE-2009-1925